28fc3b5391
Add Language::C variant with file detection (.c, Makefile, CMakeLists.txt) and integration across prompts, regex_gen, and path_mapper. Simplify README and guides to be more concise and scannable. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
5.3 KiB
5.3 KiB
Aphoria Scan: stemedb
725 files scanned | 2530 observations | 39 claims (7 pass, 0 conflict, 32 missing)
Claim Verification
| Verdict | Claim | Invariant | Explanation |
|---|---|---|---|
| MISSING | aphoria-no-unwrap-001 |
Production code MUST NOT use unwrap() or expect() | No matching observation found |
| MISSING | aphoria-bridge-tier-001 |
Observation-to-assertion bridge MUST assign Community tier by default | Expected observation to be present, but none found |
| MISSING | aphoria-lifecycle-skip-001 |
Observations bypass Pending lifecycle stage | Expected observation to be present, but none found |
| PASS | aphoria-tls-verify-001 |
TLS certificate verification MUST NOT be disabled in production code | Forbidden value not found (as expected) |
| PASS | aphoria-no-tokio-core-001 |
stemedb-core MUST NOT import tokio to prevent runtime coupling | Forbidden value not found (as expected) |
| PASS | aphoria-no-md5-001 |
MD5 MUST NOT be used for hashing in any security context | No observations found (no contradiction) |
| PASS | aphoria-no-wildcard-cors-001 |
CORS MUST NOT use wildcard (*) origin in production services | Forbidden value not found (as expected) |
| PASS | aphoria-jwt-audience-001 |
JWT audience validation MUST NOT be disabled | Forbidden value not found (as expected) |
| PASS | aphoria-hsts-enabled-001 |
HSTS header MUST NOT be disabled on HTTPS-serving endpoints | Forbidden value not found (as expected) |
| PASS | aphoria-no-hardcoded-secrets-001 |
API keys MUST NOT be hardcoded in source files | Forbidden value not found (as expected) |
| MISSING | dbpool-max-conn-required-001 |
max_connections MUST be a required field, not Optional | No matching observation found |
| MISSING | dbpool-plaintext-pwd-001 |
Connection strings MUST NOT contain plaintext passwords | No matching observation found |
| MISSING | dbpool-max-lifetime-required-001 |
max_lifetime MUST be a required field, not Optional | No matching observation found |
| MISSING | dbpool-conn-timeout-max-001 |
connection_timeout MUST NOT exceed 30 seconds | No matching observation found |
| MISSING | dbpool-min-conn-minimum-001 |
min_connections MUST be at least 2 | No matching observation found |
| MISSING | dbpool-validation-required-001 |
validate_on_checkout MUST be enabled | No matching observation found |
| MISSING | dbpool-metrics-recommended-001 |
Metrics collection SHOULD be enabled for production deployments | No matching observation found |
| MISSING | httpclient-connect-timeout-001 |
TCP connection timeout MUST NOT exceed 10 seconds | No matching observation found |
| MISSING | httpclient-request-timeout-001 |
HTTP request timeout MUST NOT exceed 30 seconds | No matching observation found |
| MISSING | httpclient-read-timeout-001 |
Response body read timeout MUST NOT exceed 30 seconds | No matching observation found |
| MISSING | httpclient-idle-timeout-001 |
Idle connection timeout MUST be configured | No matching observation found |
| MISSING | httpclient-idle-timeout-default-001 |
Idle timeout default SHOULD be 60 seconds | No matching observation found |
| MISSING | httpclient-tls-cert-validation-001 |
HTTPS connections MUST validate server certificates | No matching observation found |
| MISSING | httpclient-tls-enabled-001 |
HTTPS SHOULD be enabled by default for all connections | No matching observation found |
| MISSING | httpclient-tls-min-version-001 |
TLS version MUST be >= 1.2 (TLS 1.0/1.1 deprecated) | No matching observation found |
| MISSING | httpclient-tls-ciphers-001 |
TLS cipher suites SHOULD use modern ciphers only | No matching observation found |
| MISSING | httpclient-max-redirects-001 |
HTTP redirect limit MUST NOT exceed 10 | No matching observation found |
| MISSING | httpclient-redirect-loop-001 |
Redirect loop detection MUST be implemented | No matching observation found |
| MISSING | httpclient-retry-max-001 |
Retry attempts MUST NOT exceed 3 | No matching observation found |
| MISSING | httpclient-retry-backoff-001 |
Retry backoff MUST use exponential strategy | No matching observation found |
| MISSING | httpclient-retry-idempotent-001 |
Retries MUST only apply to idempotent methods | No matching observation found |
| MISSING | httpclient-retry-post-excluded-001 |
POST requests MUST be excluded from automatic retries | No matching observation found |
| MISSING | httpclient-metrics-enabled-001 |
Metrics collection SHOULD be enabled for production HTTP clients | No matching observation found |
| MISSING | httpclient-metrics-exposed-001 |
Core HTTP metrics MUST be exposed: request_count, active_connections, latency_p99, error_rate | No matching observation found |
| MISSING | httpclient-pool-size-001 |
Connection pool size SHOULD be 50-100 per host in production | No matching observation found |
| MISSING | httpclient-pool-default-size-001 |
Default pool size SHOULD be 10 connections per host | No matching observation found |
| MISSING | httpclient-connection-pooling-001 |
Connection pooling SHOULD be enabled for multi-request scenarios | No matching observation found |
| MISSING | httpclient-user-agent-001 |
User-Agent header MUST be sent with all requests | No matching observation found |
| MISSING | httpclient-error-handling-001 |
HTTP request failures MUST return Result, NEVER panic | No matching observation found |